GitLab

Don't have otrl_init call exit(1) if the application's requested version
number differs from libotr's.  Rather, return a non-zero error code, and
have the application clean up gracefully.  The OTRL_INIT macro now
checks the error code and does an exit(1) as the default behaviour, but
the application can do what it likes.

The new timer_control callback will instruct the application to call the
new otrl_message_poll function in order to actually clear out the above
stale committed keys.

This will be used to clear the committed key from the master context
once we don't expect any more instances of our buddy to respond with a
DHKEY message.

Thanks to Kjell Braden <kb@pentabarf.de> for noticing the omission.

libotr was exporting exactly two functions without the otrl_ prefix:
context_priv_new and context_priv_force_finished.  Change the names of
these functions to start with otrl_.  Thanks to David Goulet
<dgoulet@ev0ke.net> for noticing it.

Don't update the recent_sent_child field to point to the master context
just becuase we sent a version 3 COMMIT message (which has no
destination instance).

Similarly to the previous commit, if we receive a COMMIT message, we
should just use it to start a new SIGMA protocol, rather than comparing
it against the old COMMIT message we may have still lying around.  This
completely removes the need for the otrl_auth_copy_on_commit function.

If we receive a COMMIT message after sending our own COMMIT, it used to
be the case that this was a simultaneous attempt to start OTR from each
side.  Now it's much more likely that one side sent its COMMIT some time
in the past, but it stuck around in the master context, just in case
some other logged in instance of the buddy is still going to respond
with a DHKEY message.  So if we now receive a COMMIT *to* the master
context, ignore the old COMMIT we sent, and always use the received one
to start a new SIGMA protocol.

If debugging is enabled, and you type ?OTR!!, all contexts will be
dumped to stderr.

If OTRL_DEBUGGING is set, add functions to dump the internal
state of a ConnContext to a FILE*.

Consider copying the master auth context to the child, even if the child
is already in ENCRYPTED, because we might be trying to refresh a private
conversation.

checks for support LD support for -pie, --dynamicbase,
and --nxcompat on win32.

checks for support of CC support for -fPIE.

    These new compiler and linker hardening options may be disabled at
    your own peril with the following options to configure:

      --disable-gcc-hardening, disable compiler security checks
      --disable-linker-hardening, disable linker security fixups

Thanks to George Kadianakis <desnacked@riseup.net> for the report.

Just to make it a bit cleaner

It turns out it can't happen in the current code, as messagep
can't be NULL at this point if an error hasn't been flagged.
But still, better safe, in case something changes later.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Clean up the previous b64 patch and apply it to all places where
otrl_base64_decode() is called.

This prevents a one-byte heap buffer overflow.  Thanks to Justin
Ferguson <jnferguson@gmail.com> for the report.

(It wouldn't appear in practice, as we don't send around >2GB objects,
but still, better to close a possible attack vector.)

Preparing for 4.0.0-beta2.